Hi! On 8/30/05, Vic Vandal <[EMAIL PROTECTED]> wrote: > This has been going around since early Monday afternoon. Symantec > and other AV vendors have had code since then, and no details STILL. > > I guess one can call it the Katrina worm until something better comes along.
Haven't seen the one you mentioning (care to share?), however the usual stuff like ssl.exe, mousebm.exe, runs.pif, ried.pif, wintbp.exe etc are still quite active as i found a lot of them in my honeypot so the attack vector is still high. W. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
